Seattle Information Technology

Archives for January 8, 2013

The YTech’s Civic Voice Curriculum is a winner! On November 15, six youth programs will be receiving the first Colleen Willoughby Youth Civic Education Awards from the Seattle City Club. The curriculum helps develop the ability of youth to learn to produce digital media, and participate online to connect, collaborate and take action. The curriculum was developed by the YMCA in conjunction with the Puget SoundOff project, supported by the City of Seattle Department of Information Technology with Comcast. Chris Tugwell from the YMCA and David Keyes from the City of Seattle Community Technology Program recently presented the Puget SoundOff and Civic Voice Curriculum at the NCDD conference. You can see their NCDD presentation on Slideshare.

Customers of PNC Financial Services are being warned of a potential cyber attack. PNC officials says the company’s website is seeing heavier volumes of online traffic, which is often a sign of cyber attacks. The cyber attack can lock customers out of their services, slow down online banking or shutdown the website entirely. PNC has taken extra security measures to protect the company and customers. Citigroup, Chase and Wells Fargo have taken similar precautions.
Source: http://www.indianasnewscenter.com/news/local/130107-pnc-cyber-attack-warning-185940732.html

A significant rise in smartphone attacks is predicted every year, and it hasn’t happened yet. But that isn’t stopping major security firms from saying this will be the year that phones will finally emerge as a major target for cybercriminals. There are many reasons why smartphones are vulnerable. For one, they run most of the same software that smartphone users also use on their computers. Smartphones also have many additional capabilities that hackers can exploit. They can connect to other potentially vulnerable devices using Bluetooth and send and receive text messages, for example. But smartphones are also increasingly being used as mobile wallets. That’s why cybersecurity experts believe mobile payment systems are likely to be the next big target for cybercriminals. According to research from Juniper Networks, 300 million smartphones around the world will be equipped with the near-field communications (NFC) chips needed for mobile payments. Juniper predicts global NFC transactions will total nearly $50 billion this year. Though the underlying NFC technology is believed to be secure, the applications designed to use it “will be riddled with security holes, and massive losses will ensue,” according to Rod Rasmussen, president of security company IID. Mobile payments may be the most headline-grabbing phone attack method, but it won’t be the only one. Security experts believe another prominent technique will be ransomware — malware that takes control of a user’s device and data, relinquishing it only if the user pays money. Researchers from McAfee, an Intel subsidiary, think ransomware will become a “prominent trend” in 2013. Security firm Top Patch expects ransomware to graduate from attacking “celebrity victims” to regular consumers this year.
Source: http://fox8.com/2013/01/08/smartphone-cyber-attacks-to-grow-this-year/

FBI’s Internet Crime Complaint Center (IC3) has released a report detailing recent cyber crime trends and new twists to previously-existing cyber scams. Among them is a new approach used by pay day loan phone scammers, who have been targeting individuals for the last three years: The scam involves victims being relentlessly contacted at their residences and places of employment regarding claims they are delinquent on a payday loan. Various coercion techniques have been used by the subjects in an attempt to persuade the victim to send money. Such techniques have evolved from repeated annoying phone calls to abusive language, threats of bodily harm, and arrests. The IC3 has become aware of increased coercion tactics used by the subjects, which have created a threat to emergency services across the nation. The threats have now escalated into a Telephony Denial of Service (TDoS) attacks against the victims’ employers, which some have been emergency service agencies. The TDoS attacks have tied up the emergency services’ telephone lines, preventing them from receiving and responding to legitimate emergency calls. The other tactic the subjects are now using in order to convince the victim that a warrant for their arrest exists is by spoofing a police department’s telephone number when calling the victim. The subject claims there is a warrant issued for the victim’s arrest for failure to pay off the loan. In order to have the police actually respond to the victim’s residence, the subject places repeated, harassing calls to the local police department while spoofing the victim’s telephone number.
Source: http://www.net-security.org/secworld.php?id=14195

A phone hacking ring with ties to Al Qaeda-related groups in the Philippines and Somalia have targeted small businesses in New York, stealing hundreds of thousands of dollars worth of overseas long distance calls, alleges a New York senator. Sen. Charles Schumer said in a press conference on Jan. 7 that the ring is exploiting gaps in telecommunications carriers’ protections against such activities. He called on the carriers and the Federal Communications Commission to immediately strengthen consumer protections. According to Schumer, the ring has a connection to Syracuse and is currently being investigated by law enforcement, but its members have not been caught. He added that 26 businesses in the Syracuse area have come forward to say they’ve been victims of the communications scheme. Schumer said hackers were manipulating businesses’ voicemail systems to make thousands of costly long-distance calls overseas, leaving New York businesses on the hook for the substantial bills. He told local reporters that phone numbers compromised in Syracuse are being connected to phones that are known to be linked to the terror organization in Somalia and the Philippines. Schumer speculated the operation may be a revenue-generator for Al Qaeda, or a way to communicate with inconspicuous numbers. However, he said in a Jan. 7 statement that the connection the hackers have to Syracuse “still must be confirmed.” “Already, dozens of New York small businesses have fallen prey to these hackers through their voicemail systems, and are often forced to cover the cost for weeks-worth of overseas calls,” he said. One dry cleaning company in the area, he said, was hit with a $150,000 phone bill for nearly 9,000 overseas calls. That business is currently in a legal battle with its telephone provider over the bill. Telecommunications companies, he said, lack policies that freeze accounts that experience suspicious activities. He repeatedly urged the FCC and carriers to take immediate action to plug the security gap.
Source: http://www.gsnmagazine.com/node/28198?c=law_enforcement_first_responders

Samsung has started to push software updates to some users of its Galaxy branded phones this week, fixing a flaw that was found affecting devices containing Exynos processors shortly before Christmas. The update addresses a root exploit developed by XDA Developers forum member Alephzain two and a half weeks ago that allows malicious application installation and kernel code injection. The exploit also can also grant applications the ability to read the device’s RAM and physical memory among other things. According to SamMobile, a Samsung community fan site, Samsung customers in the UK reportedly began receiving the 19300XXELLA update over-the-air and via Kies, the company’s PC-to-phone software, on Wednesday. The bug had previously affected Samsung devices powered by the Exynos 4210 and 4412 processors. Phandroid notes the fix also updates the phone’s bootloader, suggesting it may remedy a recent “sudden death” problem that’s plagued phones like the Galaxy S III, causing them to shut off for no apparent reason. [HSEC-1.9; Date: 4 January 2013; Source: http://threatpost.com/en_us/blogs/samsung-pushes-exynos-flaw-fix-galaxy-phones-010413]

Microsoft has announced it intends to launch seven patches in its first Patch Tuesday update of 2013 to address a number of issues across several major products. The seven updates are based on two critical fixes and five important updates to address a total of 12 vulnerabilities. The critical issues are found on Microsoft Windows, Office, Developer Tools and Microsoft Server Software. The important updates are found in Microsoft Windows, .NET Framework and Microsoft Server Software. Dustin Childs, the group manager for Microsoft Trustworthy Computing, said the firm would offer more insights on the risks and fixes when they’re made available next week.

Adobe will release a round of patches on Tuesday for its Reader and Acrobat products, and also has issued a separate advisory that it is working on a update for a vulnerability in ColdFusion that the company said is currently being exploited. “We are currently evaluating the reports and plan to issue a security advisory as soon as we have determined mitigation guidance for ColdFusion customers and a timeline for a fix,” Adobe’s Wendy Poland said in an advisory. The vulnerabilities affect ColdFusion 10, 9.0.2, 9.0.1 and 9.0 for Windows, Mac and Unix. A ColdFusion hotfix was included in Adobe’s December patch release. ColdFusion 10 and earlier versions for Windows, Mac and Unix were patched for a sandbox permissions vulnerability in shared hosting environments. [HSEC-1.9; Date: 4 January 2013; Source: http://threatpost.com/en_us/blogs/adobe-patch-reader-acrobat-warns-coldfusion-exploit-010413]

An elite hacker group credited last year with having an inexhaustible supply of zero-day vulnerabilities was responsible for digging up and first using the newest unpatched bug in Internet Explorer (IE), a Symantec manager today. The gang, dubbed “Elderwood” after a source code variable regularly used by the hackers, had been profiled last September by Symantec in a research paper that outlined its strategies as well as its hacking tactics. Yesterday, Symantec linked Elderwood to the newest IE zero-day, which researchers said last week was being used to attack Windows PCs whose owners visited the Council on Foreign Relations’ (CSR) website using IE6, IE7 or IE8. CSR is a high-profile foreign policy think-tank. Symantec based its conclusion on several factors, including similarities in attack code used both in past exploits and the most recent. [HSEC-1.8; Date: 4 January 2013; Source: http://www.computerworld.com/s/article/9235276/Elite_hacker_gang_pulls_out_another_IE_zero_day_from_bottomless_pocket?taxonomyId=17

Some 3,500 people had their personal information exposed when hackers hit two servers of the UNC Lineberger Comprehensive Cancer Center. The attack was discovered by UNC-Chapel Hill’s information technology employees in May, yet potential victims were not informed until last week when they received letters from center director Dr. Shelley Earp. … The servers were immediately blocked to protect data. The breach involved administrative servers that did not typically store patient data, so the center’s patients need not worry, said Ellen de Graffenreid, director of communications and marketing at Lineberger. [HSEC-1.8; Date: 4 January 2013; Source: http://www.chapelhillnews.com/2013/01/04/74450/unc-cancer-center-computers-hacked.html